专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

71. 发明授权

US08286225B2 Method and apparatus for detecting cyber threats 有权
标题翻译：检测网络威胁的方法和装置
公开(公告)号：US08286225B2
公开(公告)日：2012-10-09
申请号：US12537796
申请日：2009-08-07
申请人： Bjorn Markus Jakobsson
发明人： Bjorn Markus Jakobsson
IPC分类号： G06F7/04
CPC分类号： H04L63/1466 , H04L63/168 , H04L67/02 , H04L67/2852 , H04L67/2857
摘要： A method and apparatus for detecting cyber threats using reinforced cookies, which include HTTP cookies, history cookies, cache cookies and/or other types. A history cookie comprises an entry for a particular web page in a browser's navigation history. A cache cookie comprises an entry for a particular object (e.g., an image file) within a browser's cache. Upon a client's first visit to a web server, an identifier record is generated comprising data such as a user ID, a client device ID, an age (e.g., a counter), a cookie type, an authentication field, etc. From the unique identifier, one or more types of reinforced cookies are generated and stored with the client browser. On a subsequent visit, the client's cookie configuration is examined to determine whether the client may be the perpetrator or victim of a cyber attack. Cookies may be updated or replaced on some or all visits.
摘要翻译：一种用于使用加强的Cookie检测网络威胁的方法和装置，其包括HTTP cookie，历史cookie，缓存cookie和/或其他类型。历史cookie包括浏览器的导航历史中特定网页的条目。缓存cookie包括用于浏览器缓存内的特定对象（例如，图像文件）的条目。在客户端首次访问Web服务器时，生成包括诸如用户ID，客户端设备ID，年龄（例如，计数器），cookie类型，认证字段等的数据的标识符记录。从唯一的标识符，生成一个或多个类型的加强型Cookie，并与客户端浏览器一起存储。在随后的访问中，会检查客户端的cookie配置，以确定客户端是否可能是网络攻击的肇事者或受害者。 Cookie可能会在某些或所有访问时更新或更换。

72. 发明申请

US20110041180A1 AUDITING A DEVICE 有权
标题翻译：审查一个设备
公开(公告)号：US20110041180A1
公开(公告)日：2011-02-17
申请号：US12580891
申请日：2009-10-16
申请人： Bjorn Markus Jakobsson , Karl-Anders R. Johansson
发明人： Bjorn Markus Jakobsson , Karl-Anders R. Johansson
IPC分类号： G06F12/14
CPC分类号： G06F21/566 , G06F21/56
摘要： Auditing a device is disclosed. One or more hardware parameters that correspond to a hardware configuration is received. A sequence of modifications to the physical memory is performed. Results are provided to a verifier. Optionally, once it is determined that no evasive software is active in the physical memory, a scan is performed.
摘要翻译：公开了审计设备。接收与硬件配置对应的一个或多个硬件参数。执行对物理存储器的一系列修改。结果提供给验证者。可选地，一旦确定物理存储器中没有回避软件是活动的，则执行扫描。

73. 发明申请

US20110041178A1 AUDITING A DEVICE 有权
标题翻译：审查一个设备
公开(公告)号：US20110041178A1
公开(公告)日：2011-02-17
申请号：US12714547
申请日：2010-03-01
申请人： Bjorn Markus Jakobsson , Karl-Anders R. Johansson
发明人： Bjorn Markus Jakobsson , Karl-Anders R. Johansson
IPC分类号： G06F21/00
CPC分类号： G06F21/56 , G06F21/566 , G06F21/57 , H04W12/12
摘要： The auditing of a device that includes a physical memory is disclosed. One or more hardware parameters that correspond to a hardware configuration is received. Initialization information is also received. The physical memory is selectively read and at least one result is determined. The result is provided to a verifier.
摘要翻译：公开了对包括物理存储器的设备的审计。接收与硬件配置对应的一个或多个硬件参数。也收到初始化信息。选择性地读取物理存储器，并确定至少一个结果。结果提供给验证者。

74. 发明申请

US20100153275A1 METHOD AND APPARATUS FOR THROTTLING ACCESS USING SMALL PAYMENTS 审中-公开
标题翻译：使用小额支付进行转盘的方法和装置
公开(公告)号：US20100153275A1
公开(公告)日：2010-06-17
申请号：US12336004
申请日：2008-12-16
申请人： Bjorn Markus Jakobsson , Christopher Soghoian
发明人： Bjorn Markus Jakobsson , Christopher Soghoian
IPC分类号： G06Q20/00 , H04L9/00
CPC分类号： H04L9/32 , G06Q20/04 , G06Q20/10 , G06Q20/38 , G06Q20/3829 , H04L2209/56
摘要： One embodiment of the present invention provides a system for controlling access to resources using small payments. The system receives a request from an entity to access a resource. In response, the system requests the entity to submit information about the entity's account with a financial service provider (FSP). The system then transfers a fund to the entity's account and sends a message through the FSP to the entity with the fund transfer. The system receives from the entity an input corresponding to the message and determines that a first condition is met based on the received input and the message. As a result, the system grants the entity access to the resource.
摘要翻译：本发明的一个实施例提供一种用于使用小付款来控制对资源的访问的系统。系统从实体接收到访问资源的请求。作为回应，系统请求实体向金融服务提供商（FSP）提交关于实体账户的信息。然后，系统将资金转入实体账户，并通过FSP向基金转移的实体发送消息。系统从实体接收与该消息对应的输入，并根据接收的输入和消息确定满足第一条件。因此，系统授予实体访问资源的权限。

75. 发明申请

US20100125906A1 RESETTING A FORGOTTEN PASSWORD USING THE PASSWORD ITSELF AS AUTHENTICATION 审中-公开
标题翻译：使用密码重新填写密码，以作为认证
公开(公告)号：US20100125906A1
公开(公告)日：2010-05-20
申请号：US12273789
申请日：2008-11-19
申请人： Philippe J.P. Golle , Bjorn Markus Jakobsson , Richard Chow
发明人： Philippe J.P. Golle , Bjorn Markus Jakobsson , Richard Chow
IPC分类号： H04L9/32
CPC分类号： H04L9/3271 , G06F21/31 , G06F2221/2131 , H04L9/0891 , H04L9/3226
摘要： One embodiment of the present invention provides a system for resetting a user's forgotten password. During operation, the system receives a user's request for resetting the user's forgotten password and derives one or more challenges from the user's forgotten password. The system then presents the derived challenges to the user and receives a response from the user to the challenges. The system further compares the user's response to the one or more challenges with the user's forgotten password, thereby facilitating password resetting.
摘要翻译：本发明的一个实施例提供了一种用于重置用户忘记密码的系统。在操作期间，系统收到用户重置用户忘记密码的请求，并从用户忘记的密码中导出一个或多个挑战。然后系统向用户呈现衍生的挑战，并接收用户对挑战的响应。该系统进一步将用户对一个或多个挑战的响应与用户忘记的密码进行比较，从而便于密码重置。

76. 发明授权

US07644274B1 Methods of protecting against spam electronic mail 有权
标题翻译：防止垃圾电子邮件的方法
公开(公告)号：US07644274B1
公开(公告)日：2010-01-05
申请号：US09538663
申请日：2000-03-30
申请人： Bjorn Markus Jakobsson , Joy Colette Mueller
发明人： Bjorn Markus Jakobsson , Joy Colette Mueller
IPC分类号： H04L9/32
CPC分类号： H04L63/126 , H04L51/12
摘要： Methods of preventing spam email in an email system include determining whether a sender of email to a receiver of email has paid a required setup price or cost to become a registered sender of email to the receiver. If it is determined that the sender has not paid the required setup cost, then the receiver can reject the sender's email to thereby eliminate the receipt of unwanted spam messages. In order to qualify as a registered sender, the sender undergoes a qualification scheme wherein it pays the required cost, which may be for example monetary or computationally related, and is assigned an encrypted key by the receiver which allows the sender to send to the receiver email authenticated using the unique key associated with the sender and receiver. The receiver has the option of accepting or rejecting email from a sender in this fashion and can change the required setup cost or requirement at any time to ensure that the sender does not try to corrupt the email system once registered.
摘要翻译：在电子邮件系统中防止垃圾邮件的方法包括确定电子邮件的发送者是否已经向电子邮件的接收者发送了要求的设置价格或成本，以成为向接收者发送电子邮件的注册发送者。如果确定发件人尚未支付所需的设置费用，则接收方可以拒绝发件人的电子邮件，从而消除收到不需要的垃圾邮件。为了符合注册发件人的资格，发件人经历资格计划，其中支付所需的成本，例如货币或计算相关的，并由接收者分配加密的密钥，允许发送方发送给接收者使用与发送方和接收方相关联的唯一密钥对电子邮件进行身份验证。收件人可以选择以这种方式接收或拒绝来自发件人的电子邮件，并可以随时更改所需的设置费用或要求，以确保发件人一旦注册后不会尝试破坏电子邮件系统。

77. 发明申请

US20090235327A1 SELECTABLE CAPTCHAS 有权
标题翻译：可选择CAPTCHAS
公开(公告)号：US20090235327A1
公开(公告)日：2009-09-17
申请号：US12045917
申请日：2008-03-11
申请人： Bjorn Markus Jakobsson , Philippe J.P. Golle , Richard Chow
发明人： Bjorn Markus Jakobsson , Philippe J.P. Golle , Richard Chow
IPC分类号： G06F7/04
CPC分类号： G06F21/31
摘要： A system for displaying a set of selectable CAPTCHAs produces a first set of CAPTCHAs whose images are based at least partially on an alphanumeric sequence, where a respective CAPTCHA in the first set is associated with a CAPTCHA property. The system also produces a second set of CAPTCHAs whose images are based at least partially on an alphanumeric sequence, where a respective CAPTCHA in the second set is not associated with a CAPTCHA property. Next, the system displays the first and second sets of CAPTCHAs. Finally, the system makes respective CAPTCHAs in the first and second sets of CAPTCHAs selectable, thereby allowing a user to pass a CAPTCHA challenge by distinguishing the first set of CAPTCHAs from the second set of CAPTCHAs without typing the words associated with the images.
摘要翻译：用于显示一组可选CAPTCHA的系统产生第一组CAPTCHA，其图像至少部分地基于字母数字序列，其中第一组中的相应CAPTCHA与CAPTCHA属性相关联。该系统还产生第二组CAPTCHA，其图像至少部分地基于字母数字序列，其中第二组中的相应CAPTCHA与CAPTCHA属性不相关联。接下来，系统显示第一组和第二组CAPTCH。最后，系统使CAPTCHAs的第一组CAPTCHA和第二组CAPTCHAs中的相应CAPTCH可选择，从而允许用户通过将CAPTCHA的第一组与第二组CAPTCHAs区分开来而不输入与图像相关联的单词来传递CAPTCHA挑战。

78. 发明授权

US07065655B1 Secure enclosure for key exchange 有权
标题翻译：安全机柜，用于密钥交换
公开(公告)号：US07065655B1
公开(公告)日：2006-06-20
申请号：US09717513
申请日：2000-11-21
申请人： Bjorn Markus Jakobsson
发明人： Bjorn Markus Jakobsson
IPC分类号： G06F11/30 , G06F12/14 , H04L9/32
CPC分类号： G06F21/606 , H04L9/0838 , H04L2209/80
摘要： A method is disclosed comprising placing a first device in an enclosure, placing a second device in the enclosure, sealing the enclosure, and after sealing the enclosure, causing the first device to exchange a key with the second device. After the key exchange, the first and second devices can be taken out of the enclosure and can use the key to communicate with each other securely and in an authenticated manner. The devices may be electronic devices or optical devices. The enclosure prevents electromagnetic radiation of a certain bandwidth from escaping and thus prevents an adversarial device from eavesdropping on communication between the first and second devices. The enclosure may include a filtering material such as a metal net. The enclosure may be, for example, a plastic bag or a glass container. The user may prepare two devices for a communication, such as a key exchange, by setting the two devices in a transfer mode, which may start the key exchange by a timer in one of the devices, then place them in the container, and seal the container. When the devices have finished the communication such as a key exchange, this fact may be signaled by sound or in some other manner by the devices. The container may have a separate compartment for each device and the compartments may be separated by a separation device such as a door comprised of filtering material. When both compartments are properly closed, the users may open the door allowing the two devices to discover each other and communicate or exchange encryption keys. The container may include a Bluetooth or other transmitter, connected to the outside world by means of cord device. The cord device may plug into a device outside of the container with which a key exchange is desired. A portable device is also disclosed in the form of for example, a floppy disc or a PCMCIA card.
摘要翻译：公开了一种方法，包括将第一装置放置在外壳中，将第二装置放置在外壳中，密封外壳，以及在密封外壳之后，使第一装置与第二装置交换钥匙。密钥交换之后，第一和第二设备可以从外壳中取出，并且可以使用该密钥通过认证方式相互通信。设备可以是电子设备或光学设备。外壳防止特定带宽的电磁辐射逸出，从而防止对抗设备窃听第一和第二设备之间的通信。外壳可以包括过滤材料，例如金属网。外壳可以是例如塑料袋或玻璃容器。用户可以通过将两个设备设置为传输模式来准备用于通信的两个设备，例如密钥交换，其可以通过其中一个设备中的定时器开始密钥交换，然后将其放置在容器中，并且密封容器当设备已经完成诸如密钥交换的通信时，该事实可以由声音或其他方式由设备发出信号。容器可以具有用于每个装置的单独的隔间，并且隔室可以由诸如由过滤材料构成的门的分离装置分开。当两个隔间正确关闭时，用户可以打开门，允许两个设备相互发现并通信或交换加密密钥。容器可以包括通过电缆装置连接到外界的蓝牙或其他发射器。绳索装置可以插入到需要密钥交换的容器外部的装置中。便携式设备也以例如软盘或PCMCIA卡的形式公开。

79. 发明授权

US07013295B2 Tagged private information retrieval 有权
公开(公告)号：US07013295B2
公开(公告)日：2006-03-14
申请号：US09727904
申请日：2000-12-01
申请人： Bjorn Markus Jakobsson , Claus Peter Schnorr
发明人： Bjorn Markus Jakobsson , Claus Peter Schnorr
IPC分类号： G06F17/60 , H04K1/00 , H04L9/00
CPC分类号： G06F21/10 , G06F2221/2115 , G06Q20/0855 , G06Q20/12 , G06Q20/1235 , G06Q20/3823 , G06Q20/383 , H04L9/3257 , H04L2209/56
摘要： Purchase of information items from a merchant over the Internet or other network is implemented so as to ensure that the merchant is unable to identify the particular information item(s) purchased by a user. The user when considering purchase of a given information item is permitted to access a corresponding signed ciphertext of that item. The signed ciphertext in an illustrative embodiment includes a first ciphertext portion in the form of a symmetric key encrypted using a public key associated with the merchant, a second ciphertext portion corresponding to the information item encrypted using the symmetric key, an unencrypted description of the information item, and a tag corresponding to a signature. The user requests purchase of the information item by sending a blinded version of the first ciphertext portion to a payment server along with an appropriate payment. The payment server decrypts the blinded version of the first ciphertext portion and returns the resulting symmetric key to the user. The user then utilizes the symmetric key to decrypt the second ciphertext portion so as to obtain the desired information item. The decrypting operation performed by the payment server may be implemented using at least part of a set of multiple rounds, with the user providing a blinded ciphertext and receiving a corresponding decryption result for each of the rounds.

80. 发明授权

US06978372B1 Verification of correct exponentiation or other operations in cryptographic applications 有权
标题翻译：验证加密应用程序中的正确取幂或其他操作
公开(公告)号：US06978372B1
公开(公告)日：2005-12-20
申请号：US09315628
申请日：1999-05-20
申请人： Bjorn Markus Jakobsson
发明人： Bjorn Markus Jakobsson
IPC分类号： G06F7/72 , H04K1/00 , H04L9/00
CPC分类号： G06F7/723 , G06F2207/7271
摘要： The correctness of an exponentiation operation or other type of operation associated with a multi-party cryptographic protocol is verified using first and second proofs based on a randomized instance of the operation. A prover generates signals corresponding to information representative of the first and second proofs based on the randomized instance. The first proof is a so-called “blinded” proof that the operation has been correctly performed, configured so as to prevent leaks of information relating to the cryptographic protocol. The second proof is a proof that the first proof has been correctly performed by the prover. The proof information signals are transmitted from the prover to a verifier, and the verifier uses the signals to determine if the operation associated with the cryptographic protocol is valid. For example, the verifier in an illustrative embodiment generates an indication that the operation was correctly performed if the first and second proofs are acceptable to the verifier, generates an indication that the operation was not correctly performed if the first proof is not acceptable but the second proof is acceptable, and generates an indication of a cheating prover if the second proof is not acceptable. The verification protocol can be used in applications in which the prover is distributed across a number of different machines.
摘要翻译：基于随机化的操作实例，使用第一和第二证明来验证与多方密码协议相关联的求幂操作或其他类型的操作的正确性。证明者根据随机化实例产生对应于表示第一和第二证据的信息的信号。第一个证明是所谓的“盲目”证明操作已被正确执行，配置为防止与密码协议有关的信息的泄漏。第二个证明是证明第一个证明是由证明者正确执行的。证明信息信号从证明者发送到验证者，验证者使用信号来确定与密码协议相关联的操作是否有效。例如，说明性实施例中的验证者产生指示，如果验证者可接受第一和第二证明，则操作被正确执行，则如果第一证明不可接受则产生操作未正确执行的指示，证明是可接受的，并且如果第二证明是不可接受的，则产生作弊证明者的指示。验证协议可以用于证明者分布在多个不同机器上的应用中。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式